package cn.itsource.config;

import cn.itsource.annotation.PreAuthorize;
import cn.itsource.common.domain.LoginData;
import cn.itsource.common.util.JwtUtils;
import cn.itsource.common.util.Payload;
import cn.itsource.org.domain.Permission;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.lang.reflect.Method;
import java.util.concurrent.TimeUnit;

@Component
public class LoginInterceptor implements HandlerInterceptor {
    public static final String TOKEN = "token";
    @Autowired
    private RedisTemplate<String,Object> redisTemplate;

    /**
     * @param request  请求
     * @param response  响应
     * @param handler  处理
     * @return true 放行通过拦截器  false不通过拦截器
     * @throws Exception
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws IOException {
        String token = request.getHeader(TOKEN);
        if(token != null){
            //解析
            try {
                Payload<LoginData> infoFromToken = JwtUtils.getInfoFromToken(token, LoginData.class);
                LoginData loginData = infoFromToken.getLoginData();
                //校验权限 接口权限
                if(handler instanceof HandlerMethod){
                    HandlerMethod handlerMethod = (HandlerMethod)handler;
                    Method method = handlerMethod.getMethod();//这里获取到的就是你访问的那个接口方法
                    //去获取方法上面有无PreAuthorize这个注解
                    PreAuthorize annotation = method.getAnnotation(PreAuthorize.class);
                    if(annotation != null){
                        //有就去判断自己有没有该权限
                        for (Permission permission : loginData.getPermissions()) {
                            if(permission.getSn().equals(annotation.sn())){
                                return true;
                            }
                        }
                        response.setContentType("application/json;charset=UTF-8");
                        response.getWriter().println("{\"success\":false,\"message\":\"noPermission\"}");
                        return false;
                    }
                    return true;
                }
            } catch (Exception e) {
                //这里报错  解析失败就会报异常
                e.printStackTrace();
                response.setContentType("application/json;charset=UTF-8");
                response.getWriter().println("{\"success\":false,\"message\":\"noLogin\"}");
                return false;
            }
        }
        response.setContentType("application/json;charset=UTF-8");
        response.getWriter().println("{\"success\":false,\"message\":\"noLogin\"}");
        return false;
    }

    //    /**
//     *
//     * @param request  请求
//     * @param response  响应
//     * @param handler  处理
//     * @return true 放行通过拦截器  false不通过拦截器
//     * @throws Exception
//     */
//    @Override
//    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//        //只要你没有登录  就不准进去
//        //问题 我怎么知道你有没有登录
//        //   你说你在redis里面去取值    token   哪里来？
//        //假设我能拿得到
//        String token = request.getHeader(TOKEN);
//        if(token != null){
//            Object o = redisTemplate.opsForValue().get(token);
//            if(o != null){
//                //刷新token
//                redisTemplate.opsForValue().set(token,o,30, TimeUnit.MINUTES);
//                return true;
//            }
//        }
//        response.setContentType("application/json;charset=UTF-8");
//        response.getWriter().println("{\"success\":false,\"message\":\"noLogin\"}");
//        return false;
//        String token = request.getHeader(TOKEN);
//        if(token == null){
//            response.setContentType("application/json;charset=UTF-8");
//            response.getWriter().println("{\"success\":false,\"message\":\"noLogin\"}");
//            return false;
//        }
//        Object o = redisTemplate.opsForValue().get(token);
//        if(o == null ){
//            response.setContentType("application/json;charset=UTF-8");
//            response.getWriter().println("{\"success\":false,\"message\":\"noLogin\"}");
//            return false;
//        }
//        //刷新token
//        redisTemplate.opsForValue().set(token,o.toString(),30, TimeUnit.MINUTES);
//        return true;//false
//    }
}